Network attacks by hackers are on the rise, and network administrators use different methods and techniques to prevent the hackers from obtaining access to unauthorized information. Many times a hacker is identified and blocked in a firewall or other network device. The hacker may include a system, a compromised device, etc. that performs malicious network activity (e.g., packet sniffing, password cracking, phishing, spreading a virus, spreading a Trojan horse, etc.). A network device may identify a compromised device's Internet protocol (IP) address, and may block or drop packets associated with the IP address if the comprised device attempts to access the network in the future. A layer 2 (L2) switch is a network device that receives a packet containing data or control information on one port and, based on a media access control (MAC) address contained within the packet, transmits the packet via another port. A L2 switch may include a single central processing unit (CPU) or multiple CPUs referred to as security process units (SPUs).